Search
Total
8599 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-4204 | 1 Softacid | 1 Hotel Reservation System | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in city.asp in SoftAcid Hotel Reservation System (HRS) allows remote attackers to execute arbitrary SQL commands via the city parameter. | |||||
| CVE-2008-6152 | 1 Sepcity | 1 Faculty Portal | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in deptdisplay.asp in SepCity Faculty Portal allows remote attackers to execute arbitrary SQL commands via the ID parameter. NOTE: this was originally reported for Lawyer Portal, which does not have a deptdisplay.asp file. | |||||
| CVE-2008-4241 | 1 Cj | 1 Ultra Plus | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in CJ Ultra Plus 1.0.4 and earlier allows remote attackers to execute arbitrary SQL commands via an SID cookie. | |||||
| CVE-2008-4332 | 1 Cannot | 1 Php Infoboard | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the showjavatopic function in func.php in PHP infoBoard V.7 Plus allows remote attackers to execute arbitrary SQL commands via the idcat parameter to showtopic.php. | |||||
| CVE-2008-4356 | 1 Kasseler-cms | 1 Kasseler Cms | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Kasseler CMS 1.1.0 and 1.2.0 allow remote attackers to execute arbitrary SQL commands via (1) the nid parameter to index.php in a View action to the News module; (2) the vid parameter to index.php in a Result action to the Voting module; (3) the fid parameter to index.php in a ShowForum action to the Forum module; (4) the tid parameter to index.php in a ShowTopic action to the Forum module; (5) the uname parameter to index.php in a UserInfo action to the Account module; or (6) the module parameter to index.php, probably related to the TopSites module. | |||||
| CVE-2008-4335 | 1 Atomic Photo Album | 1 Atomic Photo Album | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in album.php in Atomic Photo Album (APA) 1.1.0pre4 allows remote attackers to execute arbitrary SQL commands via the apa_album_ID parameter. | |||||
| CVE-2008-6042 | 1 Netartmedia | 1 Real Estate Portal | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the re_search module in NetArtMedia Real Estate Portal 2.0 allows remote attackers to execute arbitrary SQL commands via the ad parameter to index.php. | |||||
| CVE-2008-4345 | 1 Webportal | 1 Webportal Cms | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in download.php in WebPortal CMS 0.7.4 and earlier allows remote attackers to execute arbitrary SQL commands via the aid parameter. | |||||
| CVE-2008-4347 | 1 Powie | 1 Pnews | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in newskom.php in Powie pNews 2.03 allows remote attackers to execute arbitrary SQL commands via the newsid parameter. | |||||
| CVE-2008-6153 | 1 Jayeshp | 1 Pixel8 Web Photo Album | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Photo.asp in Jay Patel Pixel8 Web Photo Album 3.0 allows remote attackers to execute arbitrary SQL commands via the AlbumID parameter. | |||||
| CVE-2008-4350 | 1 Vblogix | 1 Tutorial Script | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in main.php in vbLOGIX Tutorial Script 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action. | |||||
| CVE-2008-4352 | 1 Phpsmartcom | 1 Phpsmartcom | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in inc/pages/viewprofile.php in phpSmartCom 0.2 allows remote attackers to execute arbitrary SQL commands via the uid parameter in a viewprofile action to index.php. | |||||
| CVE-2008-4353 | 1 Linkarity | 1 Linkarity | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in link.php in Linkarity allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. NOTE: although one component of Linkarity is distributable PHP code, this issue might be site-specific. If so, it should not be included in CVE. | |||||
| CVE-2008-4354 | 1 Net Art Media | 1 Iboutique | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the products module in NetArt Media iBoutique 4.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter to index.php. | |||||
| CVE-2008-4355 | 1 Powie | 1 Pforum | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in showprofil.php in Powie PSCRIPT Forum (aka PHP Forum or pForum) 1.30 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-4357 | 1 Powie | 1 Plink | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in linkto.php in Powie pLink 2.07 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-4369 | 1 Availscript | 1 Availscript Photo Album | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in pics.php in Availscript Photo Album allows remote attackers to execute arbitrary SQL commands via the sid parameter. | |||||
| CVE-2008-4371 | 1 Availscript | 1 Availscript Article Script | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in articles.php in AvailScript Article Script allows remote attackers to execute arbitrary SQL commands via the aIDS parameter. | |||||
| CVE-2008-4373 | 1 Availscript | 1 Availscript Jobs Portal Script | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in job_seeker/applynow.php in AvailScript Job Portal Script allows remote attackers to execute arbitrary SQL commands via the jid parameter. | |||||
| CVE-2008-4374 | 1 Cmsbuzz | 1 Cms Buzz | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in CMS Buzz allows remote attackers to execute arbitrary SQL commands via the id parameter in a playgame action. | |||||
| CVE-2008-4375 | 1 Availscript | 1 Availscript Classmate Script | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in viewprofile.php in Availscript Classmate Script allows remote attackers to execute arbitrary SQL commands via the p parameter. | |||||
| CVE-2008-4376 | 1 Livetvscript | 1 Live Tv Script | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Live TV Script allows remote attackers to execute arbitrary SQL commands via the mid parameter. | |||||
| CVE-2008-4377 | 1 Creative Mind | 1 Creator Cms | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.asp in Creative Mind Creator CMS 5.0 allows remote attackers to execute arbitrary SQL commands via the sideid parameter. | |||||
| CVE-2008-4378 | 1 Mr. Cgi Guy | 1 Hot Links Sql Php | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in report.php in Mr. CGI Guy Hot Links SQL-PHP 3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-4379 | 1 Mr. Cgi Guy | 1 Hot Links Sql Php | 2017-09-29 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in report.php in Mr. CGI Guy Hot Links SQL-PHP 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the id parameter. | |||||
| CVE-2008-5950 | 1 Aspapps | 1 Template Creature | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in media/media_level.asp in ASP Template Creature allows remote attackers to execute arbitrary SQL commands via the mcatid parameter. | |||||
| CVE-2008-6050 | 2 Ircmaxell, Joomla | 2 Tech Article, Joomla | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Tech Articles (com_tech_article) 1.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the item parameter to index.php. | |||||
| CVE-2008-4436 | 1 Bblog | 1 Wbblog | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in bblog_plugins/builtin.help.php in bBlog 0.7.6 allows remote attackers to execute arbitrary SQL commands via the mod parameter. | |||||
| CVE-2008-4457 | 1 Memht | 1 Memht Portal | 2017-09-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in inc/inc_statistics.php in MemHT Portal 3.9.0 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via a stats_res cookie to index.php. | |||||
| CVE-2008-6068 | 2 Joomla, Web Design Hero | 2 Joomla, Joomladate | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the JoomlaDate (com_joomladate) component 1.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the user parameter in a viewProfile action to index.php. | |||||
| CVE-2008-4460 | 1 Vastal I-tech | 1 Mmorpg Zone | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in game.php in Vastal I-Tech MMORPG Zone allows remote attackers to execute arbitrary SQL commands via the game_id parameter. | |||||
| CVE-2008-4461 | 1 Vastal I-tech | 1 Dating Zone | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in advanced_search_results.php in Vastal I-Tech Dating Zone, possibly 0.9.9, allows remote attackers to execute arbitrary SQL commands via the fage parameter. | |||||
| CVE-2008-4462 | 1 Vastal I-tech | 1 Visa Zone | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view_news.php in Vastal I-Tech Visa Zone allows remote attackers to execute arbitrary SQL commands via the news_id parameter. | |||||
| CVE-2008-4463 | 1 Vastal I-tech | 1 Jobs Zone | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view_news.php in Vastal I-Tech Jobs Zone allows remote attackers to execute arbitrary SQL commands via the news_id parameter. | |||||
| CVE-2008-4464 | 1 Vastal I-tech | 1 Mag Zone | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view_mags.php in Vastal I-Tech Mag Zone allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. | |||||
| CVE-2008-4465 | 1 Vastal I-tech | 1 Dvd Zone | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view_mags.php in Vastal I-Tech DVD Zone allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. | |||||
| CVE-2008-4466 | 1 Vastal I-tech | 1 Cosmetics Zone | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view_products_cat.php in Vastal I-Tech Cosmetics Zone allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. | |||||
| CVE-2008-4467 | 1 Vastal I-tech | 1 Toner Cart | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in show_series_ink.php in Vastal I-Tech Toner Cart allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-4468 | 1 Vastal I-tech | 1 Share Zone | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view_news.php in Vastal I-Tech Share Zone allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-4469 | 1 Vastal I-tech | 1 Freelance Zone | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view_cresume.php in Vastal I-Tech Freelance Zone allows remote attackers to execute arbitrary SQL commands via the coder_id parameter. | |||||
| CVE-2008-4492 | 1 Yourownbux | 1 Yourownbux | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in referrals.php in YourOwnBux 4.0 allows remote attackers to execute arbitrary SQL commands via the usNick cookie. | |||||
| CVE-2008-4494 | 1 Torrenttrader | 1 Torrenttrader | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in completed-advance.php in TorrentTrader Classic 1.08 and 1.04 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-4495 | 1 Select Development Solutions | 1 Php Auto Dealer | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view_cat.php in PHP Auto Dealer 2.7 allows remote attackers to execute arbitrary SQL commands via the v_cat parameter. | |||||
| CVE-2008-4496 | 1 Select Development Solutions | 1 Php Realtor | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view_cat.php in PHP Realtor 1.5 allows remote attackers to execute arbitrary SQL commands via the v_cat parameter. | |||||
| CVE-2008-4497 | 1 Built2go | 1 Real Estate Listings | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in event_detail.php in Built2Go Real Estate Listings 1.5 allows remote attackers to execute arbitrary SQL commands via the event_id parameter. | |||||
| CVE-2008-4498 | 1 Phpautos | 1 Phpautos | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in searchresults.php in PHP Autos 2.9.1 allows remote attackers to execute arbitrary SQL commands via the catid parameter. | |||||
| CVE-2008-4516 | 1 Galerie | 1 Galerie | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in galerie.php in Galerie 3.2 allows remote attackers to execute arbitrary SQL commands via the pic parameter. | |||||
| CVE-2008-4517 | 1 Geccbblite | 1 Geccbblite | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in leggi.php in geccBBlite 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-4518 | 1 Fastpublish | 1 Fastpublish Cms | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Fastpublish CMS 1.9.9.9.9 d (1.9999 d) allow remote attackers to execute arbitrary SQL commands via the (1) sprache parameter to index2.php and the (2) artikel parameter to index.php. | |||||
| CVE-2008-4521 | 1 Php-fusion | 1 World Of Warcraft Tracker Infusion Module | 2017-09-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in thisraidprogress.php in the World of Warcraft tracker infusion (raidtracker_panel) module 2.0 for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the INFO_RAID_ID parameter. | |||||